
Earlier this week, hackers were discovered to have taken control of multiple open-source projects used by numerous businesses and to have released updates intended to propagate malware. This is said to be the latest in a series of recent attacks on software engineers and their projects, known as “supply chain” attacks.
OpenAI acknowledged on Wednesday that this hack had greatly “impacted” the devices of two workers. However, following an inquiry, the business stated in a blog post that it had “no evidence that our production systems or intellectual property were compromised in any way, that our software was altered, or that OpenAI user data was accessed.”
OpenAI has verified a data breach brought on by a software supply chain attack. The event began when hackers took over the popular open-source web application library TanStack. OpenAI claims there is no proof that customer user data, production systems, or fundamental AI intellectual property were accessed or compromised, despite the attackers’ successful theft of internal credential material from particular code repositories.
The incident is part of a broader cyber-campaign known as “Mini Shai-Hulud.” This campaign uses compromised developer tools to distribute malware across multiple technology organizations. The attack vector involved pushing 84 malicious package versions to the TanStack library within a six-minute window.
These packages embedded information-stealing malware designed to extract local credentials. Two OpenAI employees downloaded the corrupted package onto their devices. As a result, the hackers gained unauthorized access to a limited subset of internal source-code repositories. The attackers exfiltrated limited credential data. They also exposed the digital code-signing certificates used to verify OpenAI software.
A prior attack on TanStack, a well-known open-source framework that aids developers in creating web applications, compromised the devices of staff, according to a source from OpenAI.
TanStack revealed the attack and released a postmortem on Monday, in which it said that hackers released 84 malicious versions of its software during a six-minute period. According to the project, a researcher found the attack in less than twenty minutes. The malicious TanStack versions contained malware designed to self-propagate to other systems and to steal login credentials from computers on which the software was installed.
OpenAI claimed that it discovered credential theft and unauthorized access “in a limited subset of internal source code repositories to which the two impacted employees had access.”
The AI giant claims that “only limited credential material” was extracted from the impacted code repositories. Because the impacted repositories held digital certificates used to certify OpenAI’s products, OpenAI stated that it is rotating the certificates “as a precaution,” which will require macOS users to update the program.
The company stated that it has found no evidence of compromise or risk to existing software installations.
The perpetrators of the TanStack attack are unknown. A cyber gang called TeamPCP, which was also a victim of hackers, has been blamed for several of the previous supply chain breaches.
However, similar strategies have been used by other groups against other projects. Axios, a well-known open-source development platform, was taken over by North Korean hackers in March, and they then distributed malware that might have affected millions of developers. Additionally, a similar attack on thousands of Windows systems running Daemon Tools, a disc imaging program, was allegedly carried out by Chinese hackers in May.
Instead of focusing on particular businesses, these attacks involve hackers taking over open-source projects and releasing malware under the guise of harmless routine updates. This lets criminals spread the harm across the internet, potentially compromising dozens of targets with a single breach.







